HTTP Malicious Toolkit Variant Activity ... Where does it come from?

A guy I know told me he got an attack from saiyanisland.com and the attack is called: HTTP Malicious Toolkit Variant Activity ... So where does the virus come from? Is it from the admin or from the ads? Or maybe from a hacker?